Malwarebytes Anti-Malware
www.malwarebytes.org

Date de l'analyse: 07/07/2015
Heure de l'analyse: 10:09
Fichier journal: mbam.txt
Administrateur: Oui

Version: 2.1.8.1057
Base de données de programmes malveillants: v2015.07.07.02
Base de données de rootkits: v2015.07.05.03
Licence: Essai
Protection contre les programmes malveillants: Activé
Protection contre les sites Web malveillants: Activé
Autoprotection: Désactivé

Système d'exploitation: Windows 7 Service Pack 1
Processeur: x64
Système de fichiers: NTFS
Utilisateur: Cat

Type d'analyse: Analyse des menaces
Résultat: Terminé
Objets analysés: 373217
Temps écoulé: 36 min, 19 s

Mémoire: Activé
Démarrage: Activé
Système de fichiers: Activé
Archives: Activé
Rootkits: Désactivé
Heuristique: Activé
PUP: Activé
PUM: Activé

Processus: 0
(Aucun élément malveillant détecté)

Modules: 0
(Aucun élément malveillant détecté)

Clés du registre: 9
PUM.Security.Hijack.DisableChromeUpdates, HKLM\SOFTWARE\POLICIES\GOOGLE\UPDATE, En quarantaine, [35b9f4ea8efca1958fa1f1aa6f9621df],
PUP.Optional.CrossRider.C, HKLM\SOFTWARE\WOW6432NODE\APPDATALOW\SOFTWARE\Crossrider, En quarantaine, [f6f8ab33d3b76bcbdda97d84857fd12f],
PUP.Optional.GlobalUpdate.C, HKLM\SOFTWARE\WOW6432NODE\GLOBALUPDATE\UPDATE\Clients, En quarantaine, [8569f4ea4941d75fc8897d1c09fc926e],
PUM.Security.Hijack.DisableChromeUpdates, HKLM\SOFTWARE\WOW6432NODE\POLICIES\GOOGLE\UPDATE, En quarantaine, [4da1f1ed008a79bdab85049762a3c838],
PUP.Optional.SuperOptimizer.C, HKU\S-1-5-18\SOFTWARE\APPDATALOW\{1146AC44-2F03-4431-B4FD-889BC837521F}, En quarantaine, [fdf1e9f599f1ba7cfc2bc2db3dc8837d],
PUP.Optional.Crossrider.C, HKU\S-1-5-18\SOFTWARE\APPDATALOW\SOFTWARE\_CrossriderRegNamePlaceHolder_, En quarantaine, [3db1c8166921f046eefc662f65a0827e],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-2267293756-2741004066-2468904841-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{40E5428C-8CD1-4D0E-8D9E-7D9F32177F1B}, En quarantaine, [11dd97471971e84e2e1e8a0eae571ae6],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-2267293756-2741004066-2468904841-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{63FCCF17-4CFC-4F4F-9CFE-47912174A513}, En quarantaine, [57979945cdbd999db39aaeea877ee020],
PUP.Optional.EasySpeedPC.A, HKU\S-1-5-21-2267293756-2741004066-2468904841-1000\SOFTWARE\PROBIT SOFTWARE\Easy Speed PC, En quarantaine, [78768a54f496a690163e85181ee753ad],

Valeurs du registre: 5
PUM.Security.Hijack.DisableChromeUpdates, HKLM\SOFTWARE\POLICIES\GOOGLE\UPDATE|DisableAutoUpdateChecksCheckboxValue, 1, En quarantaine, [35b9f4ea8efca1958fa1f1aa6f9621df]
PUP.Optional.Astromenda.C, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY|AppPath, C:\Program Files (x86)\WSE_Astromenda\\, En quarantaine, [35b9fee0b8d237fff68af011b84c58a8]
PUM.Security.Hijack.DisableChromeUpdates, HKLM\SOFTWARE\WOW6432NODE\POLICIES\GOOGLE\UPDATE|DisableAutoUpdateChecksCheckboxValue, 1, En quarantaine, [4da1f1ed008a79bdab85049762a3c838]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-2267293756-2741004066-2468904841-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{40E5428C-8CD1-4D0E-8D9E-7D9F32177F1B}|AppName, 3a2eaa25-d3de-4ad1-a29f-9e0869efb2ec-2.exe-buttonutil.exe, En quarantaine, [11dd97471971e84e2e1e8a0eae571ae6]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-2267293756-2741004066-2468904841-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{63FCCF17-4CFC-4F4F-9CFE-47912174A513}|AppName, 3a2eaa25-d3de-4ad1-a29f-9e0869efb2ec-2.exe-codedownloader.exe, En quarantaine, [57979945cdbd999db39aaeea877ee020]

Données du registre: 0
(Aucun élément malveillant détecté)

Dossiers: 3
PUP.Optional.MultiPlug, C:\ProgramData\dlcfdgllonpgcknkpddnphbbhhhgbefk, En quarantaine, [9a54706ea9e1211545b4c8cbbb4a867a],
PUP.Optional.MultiPlug, C:\ProgramData\eboebfomhoahpngbidjlkjpfgnphjigj, En quarantaine, [6e806b7396f4c6703ebb72212dd828d8],
PUP.Optional.Techgile.A, C:\Users\Cat\AppData\Local\Temp\Techgile, En quarantaine, [549a617db8d29f9785b76485ef14ce32],

Fichiers: 16
PUP.Optional.MyPCBackup.SID.A, C:\Users\Cat\AppData\Local\Temp\88AFtmp\cloud_backup_setup.exe, En quarantaine, [41adc41adab0171f2c07058e8e786f91],
PUP.Optional.SuperOptimizer.A, C:\Users\Cat\AppData\Local\Temp\88B5tmp\superoptimizersetup.exe, En quarantaine, [a846dd01cdbdcc6a077bb2b12fd38977],
PUP.Optional.Tuto4PC.A, C:\Users\Cat\AppData\Local\Temp\is-N1RPF.tmp\gentlemjmp_ieu.exe, En quarantaine, [6886d40aacde310597c10f84ab5bb947],
PUP.Optional.Nosibay.A, C:\Users\Cat\AppData\Local\Temp\6122014195312\WindApp Uninstall.exe, En quarantaine, [88665985365491a55517573c20e6649c],
PUP.Optional.MyPCBackup.SID.A, C:\Users\Cat\AppData\Local\Temp\AFE3tmp\cloud_backup_setup.exe, En quarantaine, [09e5954998f231056ac94053010524dc],
PUP.Optional.EasySpeedPC.A, C:\Users\Cat\AppData\Local\Temp\AFF7tmp\easyspeedpc.exe, En quarantaine, [876710cef39776c0fb420c622dd53ec2],
PUP.Optional.DsiLoad, C:\Users\Cat\AppData\Local\408384097dsisetup4084105862.exe, En quarantaine, [11dd8a545f2b5dd96912e57d37cb936d],
PUP.Optional.MultiPlug, C:\ProgramData\dlcfdgllonpgcknkpddnphbbhhhgbefk\lsdb.js, En quarantaine, [9a54706ea9e1211545b4c8cbbb4a867a],
PUP.Optional.MultiPlug, C:\ProgramData\dlcfdgllonpgcknkpddnphbbhhhgbefk\background.html, En quarantaine, [9a54706ea9e1211545b4c8cbbb4a867a],
PUP.Optional.MultiPlug, C:\ProgramData\dlcfdgllonpgcknkpddnphbbhhhgbefk\content.js, En quarantaine, [9a54706ea9e1211545b4c8cbbb4a867a],
PUP.Optional.MultiPlug, C:\ProgramData\dlcfdgllonpgcknkpddnphbbhhhgbefk\manifest.json, En quarantaine, [9a54706ea9e1211545b4c8cbbb4a867a],
PUP.Optional.MultiPlug, C:\ProgramData\eboebfomhoahpngbidjlkjpfgnphjigj\lsdb.js, En quarantaine, [6e806b7396f4c6703ebb72212dd828d8],
PUP.Optional.MultiPlug, C:\ProgramData\eboebfomhoahpngbidjlkjpfgnphjigj\background.html, En quarantaine, [6e806b7396f4c6703ebb72212dd828d8],
PUP.Optional.MultiPlug, C:\ProgramData\eboebfomhoahpngbidjlkjpfgnphjigj\content.js, En quarantaine, [6e806b7396f4c6703ebb72212dd828d8],
PUP.Optional.MultiPlug, C:\ProgramData\eboebfomhoahpngbidjlkjpfgnphjigj\manifest.json, En quarantaine, [6e806b7396f4c6703ebb72212dd828d8],
PUP.Optional.BubbleDock.A, C:\Users\Cat\AppData\Local\Temp\LBubble Dock.txt, En quarantaine, [8e60ffdf345696a0cb867d21fb0a9d63],

Secteurs physiques: 0
(Aucun élément malveillant détecté)

(end)